What is Kali Linux?
As we explored in previous sections, Kali Linux is an open source operating system based on Debian Linux
. The operating system is designed specifically for penetration testing and other cybersecurity tasks, and it comes equipped with over 600 tools just for penetration testing. It is free to download, customizable, and runs on a custom kernel. In this section, we will explore the basic principles of Kali Linux, the penetration testing tools it comes with, and an example case of Kali Linux being applied around the world.An important aspect of Kali Linux’s design
is that it’s made to be used by a single user with root permissions. Due to the nature of penetration testing and cybersecurity analysis, Kali typically deletes all user data on shutdown. This is not a general-use operating system, and it’s highly inefficient to adapt it towards everyday desktop tasks. Furthermore, Kali is not designed for first-time Linux users. A basic familiarity with Linux or desktop distributions like Ubuntu can make Kali Linux easier to learn, but it is not essential if you already have some experience using the command console. In short, Kali Linux is a covert, single-user operating system designed specifically for penetration testing.The tools that come installed with Kali Linux are powerful programs that can carry out a myriad of cybersecurity roles. We can break down these tools into categories according to their tasks: Information gathering, vulnerability analysis, wireless attacks, web applications, exploitation, stress testing, forensics, reporting, sniffing and spoofing, passwords, hardware hacks, reverse engineering, and entrenchment. As you can see, Kali Linux has many diverse applications and is useful in most cybersecurity endeavors. Each category has several tools, and there is offline documentation that instructs their use.Let’s explore a scenario that would require extensive use of Kali Linux and its features. A penetration tester is hired to hack into a highly secured organization and report security flaws. To begin, password cracking tools such as Aircrack-ng and Wifiphisher are used to gain access to the organization’s network via a Wi-Fi access point. The attacker then uses Maltego and Wireshark
to gather information on the target and identify hosts on the network. After gathering a list of potential hosts, Nmap is used to scan each for open/vulnerable ports. The scan reveals an open SSH port on an unsecured host, and Cymothoa is used to covertly install a backdoor once logged in. After the quiet exfiltration of targeted data via CryptCat, the attacker carefully disconnects from the network. Finally, all the data used during the attack is neatly disposed of once the Kali Linux device is shut down.To summarize, Kali Linux is a very versatile Debian-based operating system
that is dedicated to cybersecurity and penetration testing
. Each step of penetration testing comes with a choice of many useful programs, and documentation is available in the manual pages and online for each one. Anyone seeking to get into cybersecurity and/or penetration testing should have, at the very least, a rudimentary understanding of Linux and Kali Linux.TL;DR
- Kali Linux is a very useful and essential operating system for many cybersecurity professionals. It comes equipped with hundreds of cybersecurity tools, including several programs for each step of the penetration testing process. An example case is given, outlining each step of penetration testing with Kali Linux.